
What is more controversial than a popular surveillance camera maker with an uncomfortably close relationship with US police? When ransomware hackers claimed to have breached the company (Amazon-owned camera maker Ring) to steal its data, Ring responded by denying the intrusion.
But we will get to that.
Five years ago, Dutch police arrested members of Russia’s GRU military intelligence service on the spot as they attempted to hack into the Hague-based Organization for the Prohibition of Chemical Weapons. The team had parked their rental car outside the organization’s building and hidden a Wi-Fi listening antenna in the trunk. One member of the GRU group, Evgenii Serebriakov, was spotted carrying more Wi-Fi hacking tools in his backpack.
Since then, surprisingly, Serebriakov’s stature has only grown. This week, Western intelligence sources told WIRED that Serebriakov is now the new leader of one of the world’s most aggressive hacking groups. In the spring of 2022, Serebriakov took over Sandworm, the group responsible for some of the worst cyberattacks in history. Experts say his promotion to a senior job shows how small the number of skilled nation-state hackers may be and demonstrates Serebriakov’s value to Russia.
Nowhere on the internet is safe from threats, including LinkedIn. This week, we learned how spies, con men and hackers from Iran, North Korea, Russia and China use the professional network to spy on and get closer to intelligence targets. Additionally, LinkedIn was plagued by thousands of suspicious accounts; it removed hundreds of profiles when WIRED reported them.
The West’s crackdown on TikTok continues — this week the UK joined the US, Belgium, Canada and the European Union in banning the social media app from government devices. But in the US, Senator Mark Warner is trying to pass legislation under the guise of a bipartisan restriction bill that would allow officials to ban apps and services from six “hostile” countries: China, Russia, North Korea, Iran, Cuba, and Venezuela. We sat down with Warner and asked about the plans.
A WIRED analysis of “cybercrime” cases across the U.S. shows that the term can be very vague and broad. Without a clear and universal definition of cybercrime, human rights and civil liberties concerns can spread across the globe. Speaking of criminals, scammers are getting better at deceiving people using voice deepfakes. Ransomware gangs are sinking to sad new lows. As more companies and organizations refuse to pay ransoms, criminal gangs are increasingly using ransomware as leverage: They are now releasing photos stolen from cancer patients and sensitive student records.
But wait, there’s more. Each week, we round up security news that we don’t cover in depth ourselves. Click a title to read the full story, and stay safe.
ALPHV, a prolific hacking group that uses ransomware to blackmail companies and leak their stolen data, said earlier this week that it had breached security camera maker Ring and threatened to dump the company’s data online if Ring didn’t pay. “There is always an option for us to leak your data…” the hackers wrote in a message to Ring on their leak site. Ring’s response so far has been denial, telling Vice’s Motherboard that “we have no current indications of a ransomware incident,” but it said it knows of one third-party vendor that has experienced one. Ring said the vendor did not have access to any customer records.
Meanwhile, ALPHV, which has previously used its BlackCat ransomware to target companies including Bandai Namco, Swissport and hospital company Lehigh Valley Health Network, has stood by its claim that it breached Ring itself, not a third-party vendor. A member of malware research group VX-Underground shared with WIRED a screenshot of a conversation with an ALPHV representative who said that “negotiations” with Ring are still underway.
In the ongoing ransomware epidemic, it’s no surprise that Ring isn’t the only one facing extortion problems. So is Maximum Industries, a supplier of rocket parts to Elon Musk’s SpaceX. The hackers, a well-known ransomware gang known as LockBit, taunted Musk on their website, threatening to sell the stolen information to the highest bidder if Maximum didn’t pay by the March 20 deadline. “I’d say we’d be lucky if Space-X’s contractors were more talkative. But I think this material will find a buyer sooner,” the hacker wrote. “Elon Musk we’ll help you sell your drawings to other manufacturers.”
Google’s Project Zero, its security research group that hunts for unknown flaws in widely used tech products, warned on Thursday that it had found a critically exploitable vulnerability in Samsung chips used in dozens of Android devices. In total, the researchers found 18 apparent vulnerabilities in Samsung’s Exynos modems for smartphones, but they said four of them were particularly serious, allowing hackers to “remotely compromise the phone at the baseband level, without user interaction and only requiring the attacker’s knowledge” of the victim’s phone number. Project Zero rarely releases information about unpatched vulnerabilities. But it said it gave Samsung 90 days to fix the flaws, which it hasn’t done yet. Perhaps a little public shaming might prompt Samsung to move faster to protect Google users from an insidious form of attack.
Since 2017, cryptocurrency “mixer” service ChipMixer has quietly grown into a cryptocurrency laundering powerhouse, taking users’ coins, mixing them with other coins, and sending them back to obscure the funds’ trail on the blockchain. In the process, the Justice Department said, it laundered $3 billion worth of criminal funds, including ransomware payments, loot stolen by North Korean hackers and even profits from the sale of child sexual exploitation material. Now, ChipMixer has been taken offline and its infrastructure seized in an operation by multiple European law enforcement agencies, coordinated by Europol, as well as by the FBI and the Department of Homeland Security. The alleged creator of the site, Minh Quốc Nguyễn, a 49-year-old Vietnamese national, remains out of reach: he has been charged with money laundering only in absentia.
But the most intriguing outcome of the case may have more to do with the collapse of the now-notorious cryptocurrency exchange FTX: Some of the funds stolen from FTX in November’s bankruptcy proceedings were funneled into ChipMixer. Seizing the mixing service’s servers will likely thwart the FTX thieves’ attempts to evade tracking and help solve one of the mysteries at the heart of the high-profile heist.
Only in the world of cryptocurrency, where thefts of more than $5 billion occur multiple times a year, would a $200 million theft land at the bottom of a news roundup. Earlier this week, distributed trading protocol Euler Finance lost nearly $200 million in cryptocurrency after hackers discovered a bug in its code. At first, Euler, the company behind the protocol, offered to let the hackers keep $20 million if they returned the remaining funds. But after that offer was ignored (and, in fact, the hackers had sent the funds to the Tornado Cash mixing service, hoping to cover their tracks), the company announced a $1 million bounty for the hackers.